The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2757 advisory.

  - 389-ds-base: race condition on reference counter leads to DoS using persistent search (CVE-2018-10850)

  - 389-ds-base: ldapsearch with server side sort allows users to cause a crash (CVE-2018-10935)

  - 389-ds-base: Server crash through modify command with large DN (CVE-2018-14624)

  - 389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly     (CVE-2018-14638)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : 389-ds-base (RHSA-2018:2757)

high Nessus Plugin ID 117774

Version 1.11